Help on Fraud e-mail

Do you have a question? Post it now! No Registration Necessary.  Now with pictures!

Threaded View
I repeated received e-mails which is faking to be sent from our own
administrator/mail/system etc. What can I do, can I send it to our ISP
or to police ?

I have attached the view message source below. Can we tell where it is
really from?

small xxx - stands for the name of the e-mai reciepient
XXX - stands for the com.

Thanks in adavance.


Quoted text here. Click to load it
X-Account-Key: account2
X-UIDL: 3f77ac250000d3dc
X-Mozilla-Status: 0001
X-Mozilla-Status2: 10000000
Received: from ( [])
    by localhost.localdomain (8.12.5/8.12.5) with ESMTP id jATBGtLN031461
Subject: You have successfully updated your password
Date: Tue, 29 Nov 2005 19:07:16 +0800
MIME-Version: 1.0
Content-Type: multipart/mixed;
X-Priority: 3
X-MSMail-Priority: Normal

This is a multi-part message in MIME format.

Content-Type: text/html;
Content-Transfer-Encoding: 7bit

Re: Help on Fraud e-mail

Quoted text here. Click to load it

grep jATBGtLN031461 `awk '/^mail\./ {print $2}' /etc/syslog.conf`

will provide more information.

Re: Help on Fraud e-mail

ynotssor wrote:

Quoted text here. Click to load it

To elaborate on what ynotssor is saying, the IP address on
the first "Received:" line,, is a reliable
indicator of the IP address from which your mail-receiving
computer received this message. Since belongs
to, and since you are posting from,
the origin of the message may be revealed by looking for the
message-ID in your system's mail log files. You will probably
need root privileges to do so.

Peter Pearson
To get my email address, substitute:
nowhere -> spamcop, invalid -> net

Re: Help on Fraud e-mail

Hi -


Quoted text here. Click to load it

Personally I reject email from servers which HELO/EHLO themselves as
my mail server or with one of my IP addresses.  They get a 5xy
rejection with a nasty text portion.

The same thing if the envelope MAIL FROM address is my current domain
registration email address or any of my past ones.

Ken /

Site Timeline